Kibana - Session timeout [Solved]


We have noticed that after some period of time session is expired for logged in users and we should login again.

For xpack there is an option: - 1800000 - (30 minutes) Sets the session duration (in milliseconds)

We have tried to add the following option in the kibana.yml:
opendistro_security.sessiontimeout: 18000
{ ValidationError: child "opendistro_security" fails because ["sessiontimeout" is not allowed]\n

How may we configure such option for Kibana on OpenDistro?

Thank you!

Found a recently opened issue on GitHub:

Comment from above mentioned GitHub issue:

In kibana.yml :

opendistro_security.cookie.ttl | Integer, lifetime of the cookie in milliseconds. Can be set to 0 for session cookie. Default: 1 hour

opendistro_security.session.ttl | Integer, lifetime of the session in milliseconds. If set, the user is prompted to log in again after the configured time, regardless of the cookie. Default: 1 hour

opendistro_security.session.keepalive | boolean, if set to true the session lifetime is extended by opendistro_security.session.ttl upon each request. Default: true

1 Like

i want that some period of time session is not expired for logged in users.
Is this setting to keep login sessions indefinitely?

opendistro_security.cookie.ttl: 86400000
opendistro_security.session.ttl: 86400000
opendistro_security.session.keepalive: true

@Hyungho.Ko the time out is set to 24h, but not indefinitely.

Thank you for your detailed explanation.
Could you recommend any way to keep the session indefinitely?

@Hyungho.Ko there is no such option as far as I know, however you should be able to increase it to any period (years even) but can you elaborate on the use case? Would seem strange to have such a requirement from a security stand point.